<?php
	
	require_once('inc/fen_fns.php');
	
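	// Open the session through the project's wrapper so that $_SESSION is
	// available to the authorisation check and the queries further down.
	sec_session_start();

	// Every value below comes straight from the request body and is later
	// concatenated into a quoted SQL literal. Escaping is therefore applied
	// uniformly, not only to the free-text fields: a field that the form renders
	// as a fixed choice can still carry arbitrary bytes in a hand-built request.
	//
	// NOTE(review): mysql_real_escape_string() belongs to the legacy ext/mysql
	// API and needs an open ext/mysql link. Bound parameters (prepared
	// statements) would remove the dependency on correct quoting altogether;
	// confirm which driver $_DB wraps before migrating.
	$tesvik = mysql_real_escape_string($_POST['tesvik']);
	$yayin_tipi = mysql_real_escape_string($_POST['yayin_tipi']);
	$yayin_turu = mysql_real_escape_string($_POST['yayin_turu']);
	$eser_adi = mysql_real_escape_string(trim($_POST['eser_adi']));
	$dergi_adi = mysql_real_escape_string(trim($_POST['dergi_adi']));
	$volume = mysql_real_escape_string(trim($_POST['volume']));
	$issue = mysql_real_escape_string(trim($_POST['issue']));
	$sayfa = mysql_real_escape_string(trim($_POST['sayfa']));
	$yayinevi_adi = mysql_real_escape_string(trim($_POST['yayinevi_adi']));
	$doi_no = mysql_real_escape_string(trim($_POST['doi_no']));
	$yayin_yili = mysql_real_escape_string($_POST['yayin_yili']);
	$yazar_sayisi = mysql_real_escape_string($_POST['yazar_sayisi']);
	$indeks_turu = mysql_real_escape_string($_POST['indeks_turu']);
	$indeks_alan = mysql_real_escape_string(trim($_POST['indeks_alan']));
	$sinif = mysql_real_escape_string($_POST['sinif']);
	$kitap_adi = mysql_real_escape_string(trim($_POST['kitap_adi']));
	$editor_adi = mysql_real_escape_string(trim($_POST['editor_adi']));
	$isbn_no = mysql_real_escape_string(trim($_POST['isbn_no']));

	// The index field value is only kept when the index type is 'Alan';
	// for every other type it is stored as an empty string.
	if ($indeks_turu != 'Alan') {
		$indeks_alan = "";
	}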

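	// Writes are limited to sessions accepted by login_check().
	// NOTE(review): the meaning of the '>' / '10' arguments is defined inside
	// login_check(), outside this script -- presumably a minimum role level; confirm.
	// NOTE(review): no anti-CSRF token is verified anywhere in this script;
	// confirm that sec_session_start() or login_check() covers that, since this
	// request changes state.
	if (login_check($mysqli, '>', '10') == true) {

		// The $_POST-derived variables are interpolated exactly as prepared by
		// the code above this block. Values introduced here (session data,
		// database results, the client address) are escaped at this point so
		// that no SQL literal below is built from an unescaped string.
		$member_id = mysql_real_escape_string($_SESSION['user_id']);
		$session_username = mysql_real_escape_string($_SESSION['username']);

		// Store the publication itself. Both timestamp columns are written as
		// the server's current time shifted by three hours.
		$query = $_DB->Query("insert into fen_publications values
						 (null,
						 '".$member_id."',
						 '".$tesvik."',
						 '".$yayin_tipi."',
						 '".$yayin_turu."',
						 '".$eser_adi."',
						 '".$dergi_adi."',
						 '".$volume."',
						 '".$issue."',
						 '".$sayfa."',
						 '".$yayinevi_adi."',
						 '".$doi_no."',
						 '".$yayin_yili."',
						 '".$yazar_sayisi."',
						 '".$indeks_turu."',
						 '".$indeks_alan."',
						 '".$sinif."',
						 '".$kitap_adi."',
						 '".$editor_adi."',
						 '".$isbn_no."',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR)
						 )");

		// Look the new row up again to obtain its id.
		// NOTE(review): the lookup matches on title, member and year rather than
		// on the insert id, so if the same member already has a row with the same
		// title and year, row 0 may be an older record. Confirm whether $_DB
		// exposes the last insert id and prefer that.
		$queryforid = $_DB->Query("SELECT id FROM fen_publications WHERE eser_adi = '".$eser_adi."' and member_id = '".$member_id."' and yayin_yili = '".$yayin_yili."'");
		$publication_id = mysql_real_escape_string($_DB->GetResultValue($queryforid, "0", "id"));

		// Load the member record of the logged-in user; the username from this
		// row is what gets written to the transaction history.
		$query = $_DB->Query("SELECT fen_members.username, fen_members.name, fen_members.surname, fen_members.titr, fen_faculty.faculty_name, fen_department.department_name FROM fen_members, fen_faculty, fen_department where fen_members.username = '".$session_username."' and fen_members.faculty_id = fen_faculty.id and fen_members.department_id = fen_department.id");
		$fullname = $_DB->GetResultValue($query, "0", "name")." ".$_DB->GetResultValue($query, "0", "surname");
		// Escaped because a value read back from the database is still
		// user-originated data once it is placed into a new SQL literal.
		$username = mysql_real_escape_string($_DB->GetResultValue($query, "0", "username"));

		/**
		 * Returns the address to record for this request.
		 *
		 * HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers and can be
		 * set to any text by the client, so a header value is only accepted when
		 * it parses as an IP address; otherwise the connection's REMOTE_ADDR is
		 * returned. Even a well-formed header value is only as trustworthy as
		 * whatever set it.
		 *
		 * NOTE(review): if this address is relied on as audit evidence, consider
		 * recording REMOTE_ADDR as well, or honouring the headers only when
		 * REMOTE_ADDR is a known reverse proxy.
		 */
		function GetIP() {
			$remote = getenv("REMOTE_ADDR");

			if (getenv("HTTP_CLIENT_IP")) {
				$candidate = trim(getenv("HTTP_CLIENT_IP"));
			} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
				// The header may hold a comma-separated chain; use the first entry.
				$parts = explode(',', getenv("HTTP_X_FORWARDED_FOR"));
				$candidate = trim($parts[0]);
			} else {
				$candidate = $remote;
			}

			// Reject anything that is not a syntactically valid IPv4/IPv6 address
			// so free-form header text never reaches the database.
			if (filter_var($candidate, FILTER_VALIDATE_IP) === false) {
				return $remote;
			}
			return $candidate;
		}
		// Escaped as well, as defence in depth on top of the format validation.
		$ip = mysql_real_escape_string(GetIP());

		// Record the "publication registered" event for the new row.
		$query1 = $_DB->Query("insert into fen_transaction_history values
						 (null,
						 '".$publication_id."',
						 '".YAYINKAYIT."',
						 '".$ip."',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 '".$username."'
						 )");

		// When the form's tesvik field is '1', also create the application row
		// and log a second history event for it.
		if ($tesvik == '1') {

			$query2 = $_DB->Query("insert into fen_publication_app values
						 (null,
						 '".$member_id."',
						 '".$publication_id."',
						 '2',
						 '',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 '',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR)
						 )");

			$query3 = $_DB->Query("insert into fen_transaction_history values
						 (null,
						 '".$publication_id."',
						 '".TESVIKBASVURU."',
						 '".$ip."',
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
						 '".$username."'
						 )");
		}

		// Stop right after the redirect so nothing added below this point later
		// can run for a request that has already been answered.
		header('Location: ./form.php?fid=2');
		exit;

	} else {
		// Not authorised: send the visitor back to the index page with error code 2.
		header('Location: ./index.php?error=2');
		exit;
	}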